Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8evftJUy1_AFoG9fkMrRcBt1kMs.roa
File: 8evftJUy1_AFoG9fkMrRcBt1kMs.roa (raw, json)
Hash identifier: mXaUK6kLbjc9qGXxVF5Wjqu6WjnGlDQiSvErzKg+WOk=
Subject key identifier: F1:EB:DF:B4:95:32:D7:F0:05:A0:6F:5F:90:CA:D1:70:1B:75:90:CB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019908C342B8D072CAA501FBB3F06193E776
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8evftJUy1_AFoG9fkMrRcBt1kMs.roa
Signing time: Tue 02 Sep 2025 04:50:38 +0000
ROA not before: Tue 02 Sep 2025 04:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214657
IP address blocks: 151.244.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:08:c3:42:b8:d0:72:ca:a5:01:fb:b3:f0:61:93:e7:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 2 04:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1ebdfb49532d7f005a06f5f90cad1701b7590cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fa:54:50:e9:ae:1b:ca:01:a1:7b:28:aa:80:
33:ad:ff:fc:38:b2:6c:49:46:8e:25:c0:d5:8b:55:
e0:44:b9:06:25:ab:90:46:8b:3a:a4:8a:da:d9:27:
82:be:01:28:3c:ea:04:29:0c:f6:ff:00:a8:2a:9f:
32:51:5f:64:dd:7b:db:74:97:fe:26:3b:9d:fd:ca:
5c:62:83:38:8d:9f:aa:71:46:aa:03:39:2a:ef:76:
7b:78:54:9c:98:bc:55:c8:17:47:36:38:19:a2:fe:
9c:a1:db:a4:48:7c:26:0e:e1:d5:ca:6a:41:23:f8:
fd:2d:aa:ad:53:5e:0c:9f:26:a1:37:3a:e4:fd:83:
12:fe:3f:e2:04:e6:64:63:bb:d0:ef:a8:52:d2:18:
0e:a1:ba:ba:fd:b8:57:78:88:2c:a8:76:cf:9f:26:
de:f4:82:4e:63:3a:37:1c:51:57:61:3f:d7:c6:c3:
b0:f6:08:45:aa:0a:a4:38:31:6b:e5:bd:72:b5:e2:
14:58:8e:4b:08:4c:68:83:94:9f:29:1f:04:8a:2b:
c1:47:4c:11:01:79:81:4d:eb:ef:ae:02:a9:6f:8b:
61:c3:e1:d2:48:8b:75:41:25:29:f0:9e:41:31:4c:
9d:b6:c9:0e:45:a1:10:6b:19:1a:59:64:9a:9f:91:
bc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EB:DF:B4:95:32:D7:F0:05:A0:6F:5F:90:CA:D1:70:1B:75:90:CB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8evftJUy1_AFoG9fkMrRcBt1kMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.242.0/24
Signature Algorithm: sha256WithRSAEncryption
09:58:92:cd:ed:37:da:2d:a4:0e:c3:99:47:d1:62:8c:f7:b6:
6f:b6:53:04:4d:1f:cc:37:0f:6c:39:5c:fa:be:92:e0:96:48:
26:be:7e:d6:88:13:d5:67:87:d7:87:52:67:76:be:98:d2:04:
9f:16:3e:b5:e7:13:12:27:23:03:cb:2b:e9:fb:6c:55:5c:9a:
7e:46:ad:18:64:d6:2a:d8:5f:0b:fb:22:93:66:75:93:f9:e4:
fd:a3:e7:43:8f:24:2f:89:31:e9:7c:2e:d6:e5:79:c3:a9:11:
d2:db:fd:43:3b:44:ac:3d:7c:d2:ec:b2:2f:49:4a:c5:74:ca:
b8:ac:5d:5d:29:6d:39:48:42:ee:ac:f6:5d:cd:eb:6b:f5:8c:
0d:72:64:09:e6:ea:6d:1d:5a:84:61:61:15:ee:53:45:7d:a1:
ff:76:fd:24:4e:a4:ea:ae:39:67:73:bd:c2:28:2d:00:cf:d7:
0d:21:ae:a8:a2:f8:3f:94:bf:41:05:57:1a:7e:42:13:01:92:
1f:00:ca:cd:19:76:2f:1d:1a:bc:6a:0f:70:8b:d7:f5:b6:b2:
f3:46:60:46:94:ab:b8:c4:44:40:76:f0:d3:66:c5:77:e3:d3:
15:31:9d:2d:29:c1:9a:72:6c:f8:a2:24:27:54:3a:a0:cc:34:
b8:b6:55:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkIw0K40HLKpQH7s/Bhk+d2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTAyMDQ1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWViZGZiNDk1MzJkN2YwMDVhMDZmNWY5MGNhZDE3MDFiNzU5MGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPpUUOmuG8oBoXsoqoAzrf/8OLJs
SUaOJcDVi1XgRLkGJauQRos6pIra2SeCvgEoPOoEKQz2/wCoKp8yUV9k3XvbdJf+
Jjud/cpcYoM4jZ+qcUaqAzkq73Z7eFScmLxVyBdHNjgZov6codukSHwmDuHVympB
I/j9LaqtU14MnyahNzrk/YMS/j/iBOZkY7vQ76hS0hgOobq6/bhXeIgsqHbPnybe
9IJOYzo3HFFXYT/XxsOw9ghFqgqkODFr5b1yteIUWI5LCExog5SfKR8EiivBR0wR
AXmBTevvrgKpb4thw+HSSIt1QSUp8J5BMUydtskORaEQaxkaWWSan5G8twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHr37SVMtfwBaBvX5DK0XAbdZDLMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOGV2ZnRKVXkxX0FGb0c5ZmtNclJjQnQxa01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/TyMA0G
CSqGSIb3DQEBCwUAA4IBAQAJWJLN7TfaLaQOw5lH0WKM97ZvtlMETR/MNw9sOVz6
vpLglkgmvn7WiBPVZ4fXh1Jndr6Y0gSfFj615xMSJyMDyyvp+2xVXJp+Rq0YZNYq
2F8L+yKTZnWT+eT9o+dDjyQviTHpfC7W5XnDqRHS2/1DO0SsPXzS7LIvSUrFdMq4
rF1dKW05SELurPZdzetr9YwNcmQJ5uptHVqEYWEV7lNFfaH/dv0kTqTqrjlnc73C
KC0Az9cNIa6oovg/lL9BBVcafkITAZIfAMrNGXYvHRq8ag9wi9f1trLzRmBGlKu4
xERAdvDTZsV349MVMZ0tKcGacmz4oiQnVDqgzDS4tlUy
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:32:20 2025 by rpki-client